[ACS_Solver]

You build good systems with a combination of technical and legal measures, of course. Ban sharing of purchase data (legal measure) and also build systems to the data is encrypted with your on-card key (technical measure). It's no different from any other system. Violators need to be punished accordingly, but that's a broader failure in tech, that fines for abuse are very small.

Of course legal restrictions don't work well without technical measures, but anything privacy-related is a social problem first and foremost, so it needs legal solutions in addition to the technical ones.

[zAy0LfpBZLC8mAC]

> You build good systems with a combination of technical and legal measures, of course.

How is that "of course"? Not excluding one or the other a priori is one thing, but why would it be the obviously right choice to always use a combination of both?

> Ban sharing of purchase data (legal measure) and also build systems to the data is encrypted with your on-card key (technical measure).

How would that "encrypting with your on-card key" thing work?

> Of course legal restrictions don't work well without technical measures, but anything privacy-related is a social problem first and foremost, so it needs legal solutions in addition to the technical ones.

How does it follow that when you have a social problem, you need a legal solution? That seems like a complete non-sequitur to me.

[ACS_Solver]

> How is that "of course"? Not excluding one or the other a priori is one thing, but why would it be the obviously right choice to always use a combination of both?

I guess I've always thought of the two as complementary. You have a goal to encourage or discourage some behavior, or address a problem, so you want both technical and legal measures. You don't want cars stolen, so you make that illegal and also add anti-theft technology to the cars. You want people to pay taxes, so you also develop a system that makes declaring and paying very easy for most. You want protect privacy, you complement legal protections with technology that helps achieve it.

> How would that "encrypting with your on-card key" thing work?

I don't know exactly, it's not my area of expertise. My understanding is that EMV cards have a unique keypair stored on them, in which case it's not a big stretch to imagine a process that encrypts the exact record of what you bought with the card's private key, so it's a technical impossibility to decrypt without your consent.

> How does it follow that when you have a social problem, you need a legal solution? That seems like a complete non-sequitur to me.

I'm a bit baffled - it seems pretty clear to me that legal changes have been a major part of our general progress as a society, and have in most cases been part resolving social problems. Sometimes we change the law to get to a desired solution, sometimes we change the law to enshrine an established solution. With privacy being a social problem, we need both better technology and better laws.

[zAy0LfpBZLC8mAC]

> I guess I've always thought of the two as complementary.

In general, sure, but in any particular case? Essentially what I said before: It's not useful to exclude one or the other a priori, but it seems perfectly sensible to end up with purely technological solutions to some problems and with purely legal solutions to some others. Or phrasing it differently: It's not useful to set the balance of technological vs. legal solutions a priori. For some problems, a 99% technological/1% legal solution might be the right balance.

> My understanding is that EMV cards have a unique keypair stored on them, in which case it's not a big stretch to imagine a process that encrypts the exact record of what you bought with the card's private key, so it's a technical impossibility to decrypt without your consent.

Well, I'm not sure that that's the case currently, but given that they are smart cards, that sure would be a possibility. But it wouldn't really help much anyway, because that (a) doesn't hide who paid how much when to which vendor, which is already a huge privacy risk and (b) can not prevent collusion between vendors and banks. The vendor knows what they sold you in that transaction, there is no real way to force them to forget that. And also, if it's a card handed to you to your bank, how do you know they don't know the key? The only way to reliably enforce privacy there is to make the payment anonymous the way cash does.

Of course, one could maybe build something like digital cash, but that would probably look closer to bitcoin than to credit cards or bank transfers.

The point here is: It's not helpful to just say "solve this with crypto" if you can't really explain how crypto would actually solve the problem while sort-of dismissing the actual technological solution to the problem: cash.

> I'm a bit baffled - it seems pretty clear to me that legal changes have been a major part of our general progress as a society,

Well, yeah, sure!?

> and have in most cases been part resolving social problems.

Have they? That seems questionable to me, and also pretty difficult to even quantify. And also, it doesn't really get you to your claim anyway if is't just "most cases", does it?

> Sometimes we change the law to get to a desired solution, sometimes we change the law to enshrine an established solution.

And sometimes neither of those because technology simply makes the problem disappear?

I mean, I don't have any objection to legal solutions to problems, I just don't see how it makes sense to say a priori that legal measures must be a part of the solution to some problem, instead of looking at the effectiveness of various approaches and choose a good approach based on that. If legal rules regarding personal data are basically unenforceable and we have strong evidence that the ones we already have are constantly being ignored, then maybe the technical solution of using a payment system that doesn't give anyone even the chance to collect personal data to abuse is the effective solution? Why should we prefer a (more) legal solution when all the evidence suggests that it doesn't work?

I guess another way to look at this is to consider that legal solutions without some sort of technological foundation can actually not work for anything. What I mean by that is: Writing down a bunch of rules alone does not solve any problems. Only when there is some structure that ensures that those rules are actually being followed does a legal solution become effective. Which thus also means that if you make rules where it is impossible in practice to ensure that they are being followed, you do not actually have a solution at all.